Security | News, how-tos, features, reviews, and videos

CSO  >  Botnets
One lock in a series is unlocked / weakness / vulnerability

new solarwinds thumb

Tips for finding signs of SolarWinds-type attacks in Active Directory

The SolarWinds attackers used sophisticated techniques to steal admin credentials. Here’s what to look for in AD.

infographic of cloudscape reflect to modern multicloud technology picture id1262031859 2

How one multi-cloud-based business manages security controls

AppsFlyer processes 80 terabytes of data a day across multiple cloud hosting services. It scales its security needs by keeping a close eye on identity governance and access controls.

A computer monitor displays abstract data, a skill and crossbones, and 'HACKED.'

SonicWall warns customers about zero-day vulnerabilities

Attack targets SonicWall's SMA Series access management gateways and is another in a string of incidents against security vendors.

green army soldier on a laptop keyboard

Why you're probably doing endpoint security all wrong

The traditional combination of username and password to secure company devices and systems is outdated and could be putting your business at risk. Employing an AI based continuous identity management system could eliminate nearly all...

medical data accessed via tablet / healthcare IoT monitoring

HIPAA explained: definition, compliance, and violations

This landmark law imposes stringent privacy and security mandates on health care providers—and most of their IT vendors.

resume handshake cv career job search interview

10 ways to prep for (and ace) a security job interview

You've landed an interview for that security job you've had your eye on. Now prepare to land the job with these 10 techniques to get noticed and make an impression

youtube thumbnails template 021020

Congress addresses SolarWinds attack, Biden’s cybersecurity plan

While the federal government and businesses continue to reel from the SolarWinds attack, members of Congress have begun proposing cybersecurity measures to better strengthen the United States against foreign cyber attacks. In this...

square peg in a round hole / wooden block shapes toy

4 ways security has failed to become a boardroom issue

New research finds that despite being more engaged with cybersecurity, business executives and board members continue to view cybersecurity as a technology domain rather than a business concern.

'expert knowledge' stamp of certification

CISSP certification guide: Requirements, training, and cost

Certified Information Systems Security Professional, or CISSP, is a certification for advanced IT professionals who want to demonstrate that they can design, implement, and manage a cybersecurity program at the enterprise level

2 dark web

The state of the dark web: Insights from the underground

The rise of professional criminal gangs, malware as a service, and improved infrastructure for carrying out criminal activity are changing the dark web. Here's what that means for enterprise security.

A fishing lure with multiple hooks baits a binary stream. [fraud / phishing / social engineering]

How to prepare for an effective phishing attack simulation

Here's what users need to know about phishing attacks before you send out a test email.

youtube thumbnails template 021020

Tips for conducting effective phishing simulations

Poorly executed phishing simulations can send the wrong message to employees. Here’s how to do it right.

podcast 3x16 2
Sponsor Podcast Microsoft

Episode 2: Empowering employees to be secure and productive

Episode 2: When it comes to protecting your business, security is a team sport. Criminal hackers –increasingly sophisticated and persistent – are playing offense, trying to find weak spots to breach an organization. And everyone in...

padlock / Domain Name System / DNS / ICANN / security

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

A set of seven vulnerabilities, called DNSpooq, allows attackers to redirect users or execute malicious code. Patch dnsmasq now.

ransomware attack

New Intel CPU-level threat detection capabilities target ransomware

The new capabilities in the Intel mobile processors will make it harder for ransomware to avoid detection.

cso50 prudential ttthumb

How Prudential Financial gamifies security training

Jeff Thomas is CSO of Prudential Financial where his team created a CSO50 award-winning workplace threat management training course designed to capture employee attention and maintain interest. The solution combines a story with a...

virtual puzzle cube / problem-solving / solution / strategy

How to reboot a broken or outdated security strategy

CISOs talk about how they identify when they need a new security strategy and the process of developing it and selling the reboot to stakeholders.

United States Capitol building / United States Congress / abstract security concept

SolarWinds hack is quickly reshaping Congress’s cybersecurity agenda

More cybersecurity funding for states and Capitol, new breach reporting rules, and ransomware-related bills will likely be on the agenda for the 117th Congress.

Load More